153 matches found
CVE-2025-49216
The CVE-2025-49216 entry relates to Trend Micro Endpoint Encryption PolicyServer. The connected ZDI advisory (ZDI-25-373) states an authentication bypass exists in the DbAppDomain service, enabling remote attackers to bypass authentication and act with admin-level access to modify product configu...
CVE-2025-49216
An authentication bypass vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an attacker to access key methods as an admin user and modify product configurations on affected installations...
CVE-2025-49216
An authentication bypass vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an attacker to access key methods as an admin user and modify product configurations on affected installations...
CVE-2025-49215
CVE-2025-49215 describes a post-auth SQL injection vulnerability in the Trend Micro Endpoint Encryption PolicyServer that can lead to privilege escalation on affected installations. The main affected component is PolicyServer; the underlying issue is an SQL injection flaw exploitable after the at...
CVE-2025-49215
A post-auth SQL injection vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this...
CVE-2025-49214
An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a post-authentication remote code execution on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this...
CVE-2025-49214
An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a post-authentication remote code execution on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this...
CVE-2025-49213
CVE-2025-49213 describes an insecure deserialization flaw in the Trend Micro Endpoint Encryption PolicyServer that could allow pre-authentication remote code execution on affected installations. According to the available description, the vulnerability is in a different method than CVE-2025-49212...
CVE-2025-49212
An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a pre-authentication remote code execution on affected installations. Note that this vulnerability is similar to CVE-2025-49220 but is in a different method...
CVE-2025-49212
An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a pre-authentication remote code execution on affected installations. Note that this vulnerability is similar to CVE-2025-49220 but is in a different method...
CVE-2025-49211
CVE-2025-49211 describes a SQL injection in Trend Micro Endpoint Encryption PolicyServer that can escalate privileges. Public details identify the flaw in the BuildEnterpriseSearchString SQL construction as the root cause and note that authentication is reportedly required but can be bypassed to ...
CVE-2025-49211
A SQL injection vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this vulnerability...
CVE-2025-49211
A SQL injection vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this vulnerability...
Trend Micro Endpoint Encryption PolicyServer SQL注入漏洞
Trend Micro Endpoint Encryption PolicyServer is a centralized management server from Trend Micro. A security vulnerability exists in Trend Micro Endpoint Encryption PolicyServer that stems from a post-authentication SQL injection issue that could result in elevated privileges...
Trend Micro Endpoint Encryption PolicyServer 安全漏洞
Trend Micro Endpoint Encryption PolicyServer is a centralized management server from Trend Micro. A security vulnerability exists in Trend Micro Endpoint Encryption PolicyServer that stems from an authentication bypass issue that could result in modification of the product configuration...
Trend Micro Endpoint Encryption PolicyServer 安全漏洞
Trend Micro Endpoint Encryption PolicyServer is a centralized management server from Trend Micro. A security vulnerability exists in Trend Micro Endpoint Encryption PolicyServer that stems from improper deserialization and could lead to pre-authenticated remote code execution...
Trend Micro Endpoint Encryption PolicyServer 安全漏洞
Trend Micro Endpoint Encryption PolicyServer is a centralized management server from Trend Micro. A security vulnerability exists in Trend Micro Endpoint Encryption PolicyServer that stems from a post-authentication SQL injection issue that could result in elevated privileges...
Trend Micro Endpoint Encryption PolicyServer 安全漏洞
Trend Micro Endpoint Encryption PolicyServer is a centralized management server from Trend Micro. A security vulnerability exists in Trend Micro Endpoint Encryption PolicyServer that stems from improper deserialization and could lead to pre-authenticated remote code execution...
Trend Micro Endpoint Encryption PolicyServer 安全漏洞
Trend Micro Endpoint Encryption PolicyServer is a centralized management server from Trend Micro. A security vulnerability exists in Trend Micro Endpoint Encryption PolicyServer that stems from improper deserialization and could lead to pre-authenticated remote code execution...
Trend Micro Endpoint Encryption PolicyServer SQL注入漏洞
Trend Micro Endpoint Encryption PolicyServer is a centralized management server from Trend Micro. A security vulnerability exists in Trend Micro Endpoint Encryption PolicyServer that stems from a SQL injection issue that could result in elevated privileges...